Linux Basics
t—This indicates the sticky bit permission. It is represented as a t in the executable portion of the all-users permissions.
i—chattr; makes the file unchangeable
There are two more, which are mostly used by devices.
c—Character device
b—Block device (e.g., hdd)
Let’s go through some examples.
Link Permission
root@net:~# ln -s new /root/link
root@net:~# ls -al
lrwxrwxrwx 1 ali ali 3 Mar 18 08:09 link -> new
A link is created for the file named new (link is a symbolic link to the file new).
SUID & SGID Permission
setuid (SUID)—This is used to grant root level access or permissions to users. When an executable is given setuid permissions, normal users can execute the file with root level or owner privileges. Setuid is commonly used to temporarily assign privileges to a user to accomplish a certain task. For example, changing a user’s password would require higher privileges, and in this case, setuid can be used.
setgid (SGID)—This is similar to setuid, the only difference being that it’s used in the context of a group, whereas setuid is used in the context of a user.
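root@net:~# chmod u+s new
root@net:~# ls -al
-rwSr--r-- 1 ali ali 13 Mar 18 07:54 new
Capital S shows that SUID is set for this file. The S is capital because the owner has no execute permission on the file; when execute is also set, it appears as a lowercase s.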
root@net:~# chmod g+s guid-demo
root@net:~# ls -al
-rw-r-Sr-- 1 ali ali 0 Mar 18 09:13 guid-demo
Capital S shows that SGID is set for the guid-demo file; the capital S is in the group section.
Sticky Bit Permission
This is another type of permission; it is mostly used on directories to prevent anyone other than the “root” or the “owner” from deleting the contents.
root@net:~# chmod +t new
root@net:~# ls -al
-rw-r--r-T 1 ali ali 13 Mar 18 07:54 new
Capital T shows that the sticky bit has been set in the other users section (only the owner or the root user can delete files).
Ethical Hacking and Penetration Testing Guide
Chattr Permission
root@net:~# lsattr
---------------- ./new
root@net:~# chattr +i new
root@net:~# lsattr
----i----------- ./new
Small i shows that this file is unchangeable; lsattr is the command to check whether any chattr attributes are set on a file.
Before we finish with file permissions, let’s take a brief look at numerical file permissions.
r = 4
w = 2
x = 1
The sum of these values sets the file permission accordingly, for example:
root@net:~# ls -al
-rw-r--r-- 1 ali ali 13 Mar 18 07:54 new
Here other users have only “read” permission, so we are going to change it to read and write, but not execute.
root@net:~# chmod 646 new
root@net:~# ls -al
-rw-r--rw- 1 root root 13 Mar 18 07:54 new
Let’s explore this a bit more: we want read + write permission, so 4 + 2 = 6, which means read and write.
Hopefully it is now clear how to set permissions on a file and what they do.
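The following Python sketch is an added example, not code from the book. It converts the ls mode strings shown in this section into their numeric chmod form using r = 4, w = 2, x = 1, with setuid = 4, setgid = 2 and sticky = 1 as a leading digit, and reports a capital S or T as a special bit set without execute. The function name parse_listing is an assumption made for this example.

```python
import stat

# File-type characters that appear in the first column of `ls -l`.
FILE_TYPES = {"-": stat.S_IFREG, "d": stat.S_IFDIR, "l": stat.S_IFLNK,
              "c": stat.S_IFCHR, "b": stat.S_IFBLK}
# Special bits occupy a leading octal digit: setuid=4, setgid=2, sticky=1.
# Each entry: (name, weight, characters that mark it in the execute column).
SPECIAL = (("setuid", 4, "sS"), ("setgid", 2, "sS"), ("sticky", 1, "tT"))


def parse_listing(listing):
    """Return (chmod_octal, special_flags, warnings) for e.g. '-rwSr--r--'."""
    if len(listing) != 10 or listing[0] not in FILE_TYPES:
        raise ValueError(f"not an ls-style mode string: {listing!r}")
    digits, special, flags, warnings = [], 0, [], []
    for idx, (name, weight, marks) in enumerate(SPECIAL):
        r, w, x = listing[1 + 3 * idx: 4 + 3 * idx]
        if r not in "r-" or w not in "w-" or x not in "x-" + marks:
            raise ValueError(f"bad permission triplet in {listing!r}")
        value = 4 * (r == "r") + 2 * (w == "w")
        if x in marks:
            special += weight
            flags.append(name)
            if x.isupper():
                # Capital S/T: special bit set, execute bit missing underneath.
                warnings.append(f"{name} set without execute")
        if x in ("x", marks[0]):
            value += 1  # lowercase s/t means execute is also set
        digits.append(str(value))
    octal = f"{special}{''.join(digits)}"
    # Cross-check against the standard library's own mode renderer.
    assert stat.filemode(FILE_TYPES[listing[0]] | int(octal, 8)) == listing
    return octal, flags, warnings


if __name__ == "__main__":
    # Mode strings copied from the listings in this section.
    for sample in ("-rw-r--r--", "-rwSr--r--", "-rw-r-Sr--",
                   "-rw-r--r-T", "-rw-r--rw-", "lrwxrwxrwx"):
        print(sample, *parse_listing(sample))
```
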